The Ultimate Net Monitoring Tool?
Wired News is reporting that the equipment found in the "secret" NSA room at AT&T wasn't some elaborate device designed by Big Brother. Rather, it is a commercially available network-analysis product that any company could acquire. From the article: "'Anything that comes through (an IP network), we can record,' says Steve Bannerman, marketing vice president of Narus, a Mountain View, California, company. 'We can reconstruct all of their e-mails along with attachments, see what web pages they clicked on, we can reconstruct their VOIP calls.'"
Error Page (Score:3, Funny)
Re:Error Page (Score:2, Funny)
I'm really sick of seeing the first post being a "nothing to see here please move along" joke, then get modded up insightful/interesting...
Oh well, (Score:4, Funny)
Re:Oh well, (Score:5, Funny)
Re:Oh well, (Score:5, Funny)
This is one of those times you wish it were a Microsoft product...
Re:Oh well, (Score:2, Funny)
Re:Oh well, (Score:3, Funny)
I don't think it will be thumbs that will be up.
oh, in that case... (Score:5, Funny)
Re:oh, in that case... (Score:3, Insightful)
What makes it okay is that:
THE INTERNET IS NOT SECURE
You have been told this from the moment you first entered the Internet.
Anyone and everyone can see and record every byte you emit from your computer.
The only detail is that the NSA, being a government entity, can not use the information as evidence in a court action against you, nor can they use any information that they gather only because they had this information.
So I don't understand why people are outraged about the privacy issue. It's the issue of
Encryption? (Score:5, Insightful)
Re:Encryption? (Score:5, Insightful)
I somehow doubt that they are just using a "commercially available network-analysis product". I mean what "commercially available network-analysis product" breaks encryption?
Is this really news to anyone? I thought the original report showed they were using a Narus box. If I recall correctly it does not break encryption, but it will automatically make copies of matching encrypted flows for later analysis and cracking. My guess would be they just make copies of encrypted traffic they are interested in then move on to the big guns if it is really, really important (which they may or may not have ever actually done).
Re:Encryption? (Score:2)
Re:Encryption? Why decrypt later? (Score:3, Interesting)
Just call them up. Make up your own scenarios. But, if LINUX users DON'T need the damned CD, why do windoze and Mac users need it? If you posit that you rebuild your machine every 6 weeks and you always lose your ISP's disk, or broke it by mistake, do you still
Re:Encryption? Why decrypt later? (Score:3, Interesting)
-- the ISPs are getting marketing dollars by deploying the disks, and when each one is installed, it calls back to mshaft to verify that the ISP is entitled to marketing dollars, which then enables mshaft to bolster their OS usage counts (which can be negated or deflated when users successfully log in without the disk ever being installed, which means an employee NOT pushing the disk installation might lose commissions or deprive th
Re:Encryption? Why decrypt later? (Score:3, Insightful)
I am suspecting that the ISPs who INSIST the newbie/uninformed windoze users and Mac users install that ISP's crackware CD masquerading as an 'experience enhancing/improving' software tool is really just a Trojan to facilitate later offline decryption.
I seriously doubt this, but it is easy enough to find out. Make a vm of windows and save it. Install the software save it. Take a look at the bits and figure out what has changed. Has it touched any of the encryption libraries or programs? Just copy them of
Re:Encryption? Why decrypt later? (Score:5, Funny)
Re:Encryption? (Score:2)
Re:Encryption? (Score:3, Interesting)
Except, of course, that breaking encryption is the Holy Grail of Signal Intelligence. Sometimes, Traffic Analysis -- which is exactly what the NSA is doing here according to the Wired article -- is just as interesting, and a lot easier to do.
Knowing that person A is talking to person B, and that the number of messages between the two is increasing, and where and when each message has been sent (not to mention what type of traffic
Re:Encryption? (Score:2)
Of course if the NSA has a supersecret way of breaking all encryption (like the movie Sneakers) then of course we are all screwed.
Re:Encryption? (Score:3, Funny)
It's Bad Form to drop missiles on viable states, even when they disagree with you.
Nuking France does sound tempting, though.
Re:Encryption? (Score:3, Informative)
Thanks for the link! Interesting reading.
I'm a little baffled by your comments about "political correctness" and Bill Clinton, however. According to the article you linked:
"This decision to deny a warrant gave rise to the myth that 'The Wall' between overseas intelligence and criminal investigations made the PATRIOT Act necessary. To this day this myth is cherished among right-wing radio talkers and has, just now, morphed into a clumsy justification for the White House's sidestepping the FISA court an
Re:Encryption? (Score:2, Informative)
No. The header is not encrypted, only the payload.
It is unlikely that, without huge resources, an intermediary could decrypt an otherwise intact communication (i.e. no man-in-the-middle attack took place).
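An added illustration, not part of any comment in this thread: two points made above (traffic analysis needs no decryption, and the header stays in the clear while only the payload is encrypted) shown by parsing IPv4/TCP headers from packets whose payload is opaque. The packets, the documentation-range addresses, the day numbers and the function names are all constructed for this example.

```python
import ipaddress
import os
import struct
from collections import defaultdict

IP_FMT = "!BBHHHBBH4s4s"   # fixed 20-byte IPv4 header
TCP_FMT = "!HHIIBBHHH"     # fixed 20-byte TCP header


def build_packet(src, dst, sport, dport, payload):
    """Build a constructed IPv4+TCP packet (checksums left at zero)."""
    tcp = struct.pack(TCP_FMT, sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack(IP_FMT, 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + tcp + payload


def parse_headers(packet):
    """Return what is readable without any key: addresses, ports, sizes."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total, _, _, _, proto, _, src, dst = struct.unpack(
        IP_FMT, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or proto != 6:
        raise ValueError("not an IPv4/TCP packet")
    if len(packet) < ihl + 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    data_offset = (packet[ihl + 12] >> 4) * 4
    return {"src": str(ipaddress.IPv4Address(src)),
            "dst": str(ipaddress.IPv4Address(dst)),
            "sport": sport, "dport": dport,
            "payload_len": total - ihl - data_offset}


# Constructed observations: (day, source, destination, ciphertext length).
SAMPLE = [
    (1, "192.0.2.10", "198.51.100.7", 300),
    (2, "192.0.2.10", "198.51.100.7", 280),
    (2, "192.0.2.10", "198.51.100.7", 512),
    (3, "192.0.2.10", "198.51.100.7", 400),
    (3, "192.0.2.10", "198.51.100.7", 350),
    (3, "192.0.2.10", "198.51.100.7", 1200),
    (1, "192.0.2.22", "203.0.113.5", 900),
    (2, "192.0.2.22", "203.0.113.5", 880),
    (3, "192.0.2.22", "203.0.113.5", 910),
]


def capture():
    """Random bytes stand in for ciphertext the observer cannot read."""
    return [(day, build_packet(s, d, 40000, 443, os.urandom(n)))
            for day, s, d, n in SAMPLE]


def metadata_profile(observed):
    """Per (src, dst) pair: messages per day and total bytes, headers only."""
    profile = defaultdict(lambda: {"per_day": defaultdict(int), "bytes": 0})
    for day, packet in observed:
        hdr = parse_headers(packet)
        entry = profile[(hdr["src"], hdr["dst"])]
        entry["per_day"][day] += 1
        entry["bytes"] += hdr["payload_len"]
    return profile


def rising_pairs(profile):
    """Pairs whose daily message count strictly increases day over day."""
    rising = []
    for pair, entry in profile.items():
        counts = [entry["per_day"][d] for d in sorted(entry["per_day"])]
        if len(counts) >= 2 and all(a < b for a, b in zip(counts, counts[1:])):
            rising.append(pair)
    return sorted(rising)


if __name__ == "__main__":
    prof = metadata_profile(capture())
    for pair in rising_pairs(prof):
        print(pair, dict(prof[pair]["per_day"]), prof[pair]["bytes"], "bytes")
```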
Functional Spec and Deliverables (Score:5, Interesting)
From TFA, the deliverable:
We can reconstruct all of their e-mails along with attachments, see what web pages they clicked on, we can reconstruct their VOIP calls.
AT&T. Your world, delivered.
Re:Functional Spec and Deliverables (Score:2)
Actually I recently saw a documentary on East Germany
Narus customer touting -- AT&T at top of list (Score:3, Informative)
Re:Narus customer touting -- AT&T at top of li (Score:2, Informative)
Saudi Telecom, the preeminent telecommunications provider in the region, is employing the NarusInsight Discover Suite's VoIP detection application module to recover revenue that would otherwise be lost through unregulated VoIP traffic. Deployed by Narus Partner Giza Systems, NarusInsight captures and analyzes all VoIP traffic in the Saudi Telecom network. The VoIP detection module provides the real time information necessary for Saudi Telec
Hm. (Score:3, Interesting)
If enough large companies are purchasing these to the degree that a company manufactures this equipment...exclusively.. doesn't that strike an interesting chord?
Re:Hm. (Score:3, Interesting)
Does it make anybody else nervous that there is a market for these products? "off the shelf" products that can scale to this degree? If enough large companies are purchasing these to the degree that a company manufactures this equipment...exclusively.. doesn't that strike an interesting chord?
Supply and demand is somewhat elastic. Where I work right now we build fairly specialized traffic monitoring servers for the core and edge routers of ISPs. While we don't manufacture our own hardware, we do make use
Re:Hm. (Score:2)
Re:Hm. (Score:2)
AT&T isn't the only telecom left. Large retailers, banks, credit card companies also have a need to store trillions of records.
Actually, the constraint here is throughput, not storage. How many Gigabytes per second can you match against a regular expression while still not introducing significant latency in the packets you forward? Copying the matching flows into a huge database for examination is the easy part.
Time enough (Score:4, Insightful)
Great! So, do you get the Amazing PauseTheUniverseTechnology free with this nifty gadget? Because it'll take some time to review "anything that comes through".
Re:Time enough (Score:5, Funny)
Not to worry. The RIAA will soon sue them for being able to record illegally downloaded songs. Problem solved.
Re:Time enough (Score:5, Insightful)
Re:Time enough (Score:3, Funny)
Re:Time enough (Score:2)
Or, if you are a corrupt homeland security agent, you can browse through random calls (well, profiled random calls
Re:Time enough (Score:2)
True, and for that reason, this won't help much to prevent any short-term activity.
After-the-fact, however, it would tend to allow a near 100% detection rate - Assuming the subject used any form of electronic communication (which, interestingly enough, tends to make this all the less useful for detecting terrorists, who strongly favor ultra-low-tech methods). Case in point, the recent Slashdot article on using phone records to track
The evidence (Score:5, Informative)
One of the perks of living in Mt. View... (Score:2, Interesting)
Well, I feel better now! Not. (Score:5, Insightful)
But - that's not the problem as I see it. The problem, to borrow and massacre a line from "Jurassic Park", is that they were so eager to see if they could they didn't consider if they should.
Take the domestic to international wiretap thing. Under US law, listening in on foreign conversations is A-OK (whether that's legal in other countries I'm not even going to worry about). But the law is clear: the second there's a domestic person on that call, the NSA has to get permission from the courts. And not only that, it can be a secret court. And not only a secret court, but they can do it up to 3 days after they start - so there's no issue of "Dang, we'd listen to this call from an Al Qaeda agent, but we can't because Michael Moore's on the phone, and the warrant will take too long!" No - they can start now, get the warrant later.
Then there's the domestic phone call tracking. Even if this is not strictly illegal, it still smacks of wrong. (Yes, I think there are things not illegal that are still wrong. Like Mint Oreos. Very wrong, just not illegal.) Why? Because there's no independent, "checks and balances" oversight. And yes, I have things to hide, before you ask, so I don't want the government picking that out. Like people in politics I call because I disagree with their policies, or calls to an abortion clinic for a friend of mine whose husband is abusive and says he'll kill her if she calls the clinic, or to a reporter because my place of work is doing illegal things (note for the clueless: the former might or might not be true, but they are examples of why people might not want the government tracking calls) - the list goes on. So I don't want the government snooping in on, especially when there's no guarantee that Joe Politician can't look in and try and use that data against me or my family or the very government system itself.
So, great to know that there are over the shelf components to track log files. I'm more interested in making sure that another branch of the government is at least watching out to make sure that this data is not being abused. No, I don't need all of the details - that's why we have elected leaders whom I (hopefully) trust enough to look out for my interests - I just want to make sure those interests are protected by the process.
Which said process, so far, seems to be either willingly ignored, or outright violated.
Of course, this is all just my opinion, and I could be wrong. And to the NSA folks tracking this post - Hi!
Re:Well, I feel better now! Not. (Score:2)
Good grief, I hope that pretty much everyone is in agreement that illegal and immoral are intersecting sets for which the intersection is a proper subset of both sets.
There is oversight ... (Score:3, Insightful)
Nonsense! TIA is operated against the law. (Score:3, Interesting)
When informed of Total Information Awareness, Congress loudly and firmly killed it, but the NSA did it anyway in secret. [csoonline.com]
This is a scandal of first order. The goal is unconstitutional, the attitude is un-American and the means are illegal. This is the kind of shit we fought the Cold War to avoid. I'm furious and you
Re:There is oversight ... (Score:3, Interesting)
Err... (Score:5, Insightful)
Sure, anybody could acquire the hardware used. The trick is to get the equipment onto AT&T's network without ending up in jail.
Re:Err... (Score:3, Funny)
Hey, if the NSA can do it without warrants, why can't we?
Tor (Score:4, Informative)
Re:Tor (Score:2)
Damn! Now the NSA knows that I've clicked on the link! Cat's out of the bag!
Re:Tor (Score:2)
Re:Tor (Score:4, Interesting)
I remember reading about the Freenet Guy's planned changes (moving freenet to a friend-based system where you connect along lines of trust rather than completely anonymously), and immediately thought that the unstated goal was to cut *those* people out as much as possible rather (or in addition to) than the scalability reasons given.
Hmm, better post this anonymously...
Re: (Score:3, Interesting)
These are the tools or databases (Score:5, Informative)
What is Daytona?
Daytona is a database management technology originally developed and maintained by the AT&T Laboratories division of AT&T, and is used by AT&T to manage multiple databases. Daytona was designed to handle very large databases and is used to manage "Hawkeye," AT&T's call detail record (CDR) database. Daytona is also used to manage AT&T's huge network-security database, known as "Aurora." As of September 2005, all of the CDR data managed by Daytona, when uncompressed, totaled more than 312 terabytes.
http://www.research.att.com/projects/daytona/ [att.com]
What is Hawkeye?
Hawkeye is AT&T's call detail record (CDR) database, which contains records of nearly every telephone communication carried over its domestic network since approximately 2001, records that include the originating and terminating phone numbers and the time and length for each call.
What is Aurora?
Aurora is a network-security database that had been used to store Internet traffic data since approximately 2003. The Aurora database contains huge amounts of data acquired by firewalls, routers, honeypots and other devices on AT&T's global IP (Internet Protocol) network and other networks connected to AT&T's network.
Yawn. (Score:3, Insightful)
Monitoring Users? Nawww. (Score:2, Funny)
I'm sure they are just using it to get free porn.
Re:Monitoring Users? Nawww. Yaaaah (Score:2)
And they don't even have to go to the effort of tracking it down. They let everyone else do that work for them.
I am starting not to care anymore... (Score:2)
reconstruct calls, as in 'listen to'? (Score:2)
***WOOP WOOP WOOP! Red flag word used! (Cue NSA goons smashing through my windows)***
Why is this news? (Score:2, Informative)
And this is supposed to make me feel better? (Score:3, Interesting)
"The equipment that former AT&T technician Ed Klein learned was installed in the NSA "secret room" in AT&T's San Francisco switching office isn't some sinister Big Brother box designed solely to help governments eavesdrop on citizens' internet communications."
Oh great - I feel so much better about that. I was just worried that the government might have EXCLUSIVE rights to spy on me! But, as long as it's all shared and everyone can do it, then I guess it's ok.
Thanks for the post - I'll sleep so much better now.
Damn - where's the sarcastic emoticon when you need it.
Narus STA 6400? (Score:2)
AKA... (Score:2)
Wow (Score:2)
You're kidding !?!?! (Score:2, Funny)
Doesn't matter (Score:2)
Bellyaching (Score:3, Interesting)
If they can't come up with anything specific that day, W. calls the RIAA and has them sue a dead woman. They want to make people so damn paranoid that one day they'll just turn around and say "Okay we're taking over your life, here is your itinerary for the day, don't alter this schedule. You have a bowel movement scheduled in 15 minutes". The vast majority will think it's an awesome idea.
These stories are great to remind us what a wasteland this place has become, but they serve no real purpose if no one actually does anything about it.
Re:Bellyaching (Score:2)
Oh my boss would love that. Imagine the increased productivity that would result!
Re:Bellyaching (Score:2)
Re:ITMFA? (Score:2)
How Much? (Score:2)
Anything that comes through , we can record (Score:4, Funny)
In other news, the RIAA sues the NSA!
Not just easily available, but free! (Score:3, Interesting)
Ethereal. Excellent tool, even for non black hats!
Field Proven! (Score:2, Interesting)
Can reconstruct emails? Not this one. (Score:3, Interesting)
Dear Narus,
i PxHsoCwtOeytveJ H49A==
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.1 (GNU/Linux)
jA0EAwMCiGG6wLlc/6tgyUeJGySx1Ccd8lGe3ugi35iwgMr2y
r8fdeb237gtWNHzaen4DpYF9ibJ4E6DCxm8+yGpYcoP7bgEnz
=BJEi
-----END PGP MESSAGE-----
(created with "gpg -a -c"). Just a reminder that if you don't like people reading your email, you and your recipient can rather easily make sure nobody can practically do so.
The NSA could probably break one PGP message's encryption in a matter of hours (or maybe even minutes), but they couldn't break one million. How about we all really press our friends to get PGP keys made+signed and the software installed...and ENCRYPT EVERY SINGLE PERSONAL EMAIL to them? Good luck to the NSA trying to sift through all that crap.
Re: (Score:2)
Comment removed (Score:3, Interesting)
Used by Chinese telcos, too (Score:2, Informative)
Great to know that the same Big Brother software is being used in USA and China. Invokes some warm fuzzy feeling of union...
Expectations (Score:3, Interesting)
If you send/receive packets of data over a public connection, i.e. the internet, somehow you are expecting privacy? Hmmm. (notice the thoughtful pause) If you want or need privacy over a public medium, it seems simple to me. Use encryption.
Don't get me wrong, I hate big government and big government's intrusion into my personal life. But, I also do not see my internet activity as a personal/private activity. There are just too many people involved. Webmasters see me visiting their site. My ISP knows where I go and what I do. So, I assume there will be others knowing that stuff too. There may be dozens of people 'knowing' what my internet activity looks like. No, I do not like big brother recording everything. It will, however take an amazing database to house all the data while waiting to be filtered and I am doubtful that the end result will accomplish what they are striving for.
Fear (Score:2, Informative)
I think the most frightening part is that when I talk to my more conservative family members and most people who only casually know about these issues or politics, they see NOTHING wrong with everyone and their brother recording all the information they can on them and
By the way (Score:2)
At which point are you guys now? I'd say it's already past the third, no?
Bush Signed Executive Order Allowing Telcos To Lie (Score:4, Informative)
Re:Spying (Score:4, Insightful)
Except that people aren't. I read in TIME magazine last night that over 50% of the people interviewed think that the NSA call database is justified in the War On Terror (TM). Most people will only care if it influences their ability to watch American Idol, and if not, oh well.
Re:Spying (Score:2, Insightful)
Usurper_ii
Re:Spying (Score:2)
True in general, but does it apply to this program?
Former NSA analyst Ira Winkler has said in public that it's reducing security, and if you were designing a system with the goal of increasing security, you wouldn't spy on hundreds of millions of people in the hope of catching some of the hundreds of terrorists.
Re:Spying (Score:2)
Oh, but it does affect American Idol. The votes are handled via a call-in system. The NSA now has a record of who you voted for!
Re:Spying (Score:5, Insightful)
Was the article getting those numbers from Time's own poll, or the recently released telephone poll of 502 (IIRC) Americans which there are plenty of problems with? This is exactly why the saying "there are lies, damn lies, and statistics" is applicable. This single - IMHO flawed - poll is being used at every media outlet to show people there isn't a problem and 'see, most Americans think this is ok so You Should Too.'
Well that's not what democracy is about, it's not about groupthink, otherwise there would be no wheelchair access to most places, plenty of towns would probably still have public buildings segregated by race/class/religion, etc, etc. Majority - or mob - rule is something that democracy tries to prevent, just because the majority thinks one way does not mean they are right. And yet people allow themselves to be coerced by one stupid poll after another. Let's face it, anyone who is willing to answer a 50 question telephone poll is likely not terribly interested in their privacy, that fact alone should invalidate the poll as it introduces an unmeasurable - but likely significant - bias. My thought is that a more thorough, in-person poll with a larger sampling will show that in fact most Americans don't think this program is ok. But until such a less biased poll is conducted then all that will be referenced is this stupid poll that forwards the government's agenda. And if I'm proven wrong then so be it, in that case then this poll should no longer be quoted to assuage people's fears of this domestic spying program, but should be used as an alarm that this country is asleep! The populace needs to be woken up. Until 100% of the people are screaming mad at a warrantless datamining/spying program undertaken by the government against anyone and everyone regardless of guilt, then it means we have some educating to do! You wouldn't let a government agent swing by every morning and look at all the mailing addresses on letters going to/from your house, why the hell would you let them do the same to your phone records? Because you can't see it? Because "it doesn't affect me"? If nothing else the whole program is stupid because the government is looking for a needle in a haystack in these communications and thus far all their efforts are doing is adding more hay! Some of the 9-11 hijackers' calls were intercepted before 9-11, but they weren't translated in time to be of any use.
Now we're expected to believe that fewer agents sifting through more data will somehow prevent another attack of the same sort? Laughable if it weren't so damn unfunny.
[/rant]
Re:Spying (Score:3, Insightful)
It doesn't matter if the polls are inaccurate.... What if the majority of the masses *believe* the poll? They will change their opinions if they think that idea "X" is generally supported. Remember, most of the registered voters didn't even vote!
This is
Re:Spying (Score:3, Insightful)
Anyone who blindly changes their mind over a poll with a slim majority difference deserves what they get. Unfortunately for the rest of us we'll be getting it too. :-/
Could the government log all postal activity? (Score:4, Interesting)
This got me thinking... according to this link: Handwritten address interpretation [buffalo.edu]:
(emphasis mine.) So, it's only a small step to record all that metadata for every letter sent within the USA. Just have postmasters general submit the day's scan logs to the gov't for review for possible terrorist links, and, by the way, archive all the information received. This information could include:
So, maybe you were just joking, but from what I've seen lately, I'd have to suspect that this may already be in place... can anyone corroborate this?
Re:Could the government log all postal activity? (Score:3, Funny)
Re:Could the government log all postal activity? (Score:3, Insightful)
Re:Spying (Score:2)
Re:Government doesn't like to do homebrew (Score:2)
That and they spend hundreds of millions on less complex tools that never materialize into a real application.
No (Score:5, Insightful)
If you don't like it, encrypt it.
Re:No (Score:2)
Re:No (Score:2)
By sending IP packets, you are distributing your work. Narus could make a fair use argument that would be a chilling parody of the arguments posted by folks who troll around slashdot arguing that fair use covers anonymous torrents.
First, fair use does not apply to recreating entire works, except in a few, specifically described circumstances that don't apply here. Second, Narus is just selling gear, what someone else does with it is not their problem. Third, their customers are ISPs, given exemption from
Re:No (Score:2)
I should have been more clear. I don't believe that it's necessarily a legitimate argument. Just that it's one
No No No (Score:2)
That's like saying that mailing an envelope via postal mail is distribution!!
IP packets clearly specify the source and destination address. (i.e. their payload is to only be received by the specified recipient).
The only difference is that we do not have federal laws that make "opening the contents" of an IP packet to be illegal. Otherwise it is no different than the postal mail system.
Re:So THAT explains the webcam pics... (Score:2)
Join the NSA
Re:Here's a question... (Score:2)
It's legal for you to send packets over network connections owned and operated by third parties. If you have an expectation of privacy for data being handled by parties you have no relationship with, you're being unreasonable.
This is not necessarily so. First, many technologies apply a strong metaphor to an existing service, even going so far as to assure customers they won't be able to tell the difference. VoIP is the primary consideration here, but e-mail is also a candidate. It is illegal for someon
Re:Article Is Spin, Of Course (Score:2)
Re:Article Is Spin, Of Course (Score:5, Interesting)
This device was designed and built for spying, and was placed into telcos everywhere on the PRETEXT of being useful for traffic analysis. Then the NSA came calling and bulldozed the telcos into giving them everything that goes through it.
Well, sort of. This device is (I believe) a modified version of what the ISPs have been using for a long time to let them accurately bill people for the services they offer and negotiate peering agreements and QoS contracts.
The fact of the matter is that Narus the company is run by an "Israeli immigrant" and is financed by, among others, an Israeli investment company, one of the partners of whom happens to have worked for the Israeli government, including a stint developing optical devices for the Israeli military.
Whoa, whoa, whoa there cowboy! Now I like a good conspiracy theory as much as the next guy, but you're making some pretty big and likely unwarranted leaps here. A whole lot of the traffic shaping, modeling, and balancing technology came out of Israel. The university there had a top notch network engineering program with a lot of smart people and patents coming out of it. Most moved to the US, where they could make money off of the .com boom and the aftermath. I know because I work with one of the professors who came over here to do that and let me tell you, he giggles way too much to be a Mossad agent. I imagine anyone working in high-tech in Israel probably did some work for the military, especially if they were in academia.
And one of the directors on the board happens to be an "ex-" NSA guy...
So? I'm sure it helped them get the contract, and maybe helped them decide on the feature set. This is very common in the security industry. The company I work for has ex Microsoft people and ex-Cisco people. Surprise, surprise we sell to both of them. Another company we do a lot of business with has ex Naval intelligence and NSA people. Guess who two of their big customers are? That is just the way the industry works. If you know people, you have an in and often an advocate who helps to make the sale.
The reality is that this device was designed and built for spying by the Mossad, in collaboration with the NSA, and then sold to the telcos under a pretext, which was then altered by arm-twisting or payment to the telcos to sell out the US Constitution.
The reality is, some people found a niche and they filled it. This same type of functionality is needed for billing services and compliance with a number of government acts regarding lawful intercept, financing, security, and privacy assurance. Now maybe the NSA or AT&T requested added features to make this sort of activity easier. Maybe Narus came up with them on its own and sold them on it.
I certainly think it is being misused and in a way that violates the founding principles of our government. That does not mean it is some grand conspiracy and running off half-cocked spouting this sort of unsupportable nonsense isn't helping anything. All it is doing is reducing the credibility of those who argue to have this sort of thing stopped and distracting people from the real issue.
..or is that your intention? You certainly do enough rabble rousing and insulting. If you really want to help, stick to the facts, not the wild speculation.